Vulnerabilities > Fedoraproject > Fedora > 34
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-25 | CVE-2021-3449 | NULL Pointer Dereference vulnerability in multiple products An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. | 5.9 |
| 2021-03-25 | CVE-2020-1946 | OS Command Injection vulnerability in multiple products In Apache SpamAssassin before 3.4.5, malicious rule configuration (.cf) files can be configured to run system commands without any output or errors. | 9.8 |
| 2021-03-23 | CVE-2021-21351 | Unrestricted Upload of File with Dangerous Type vulnerability in multiple products XStream is a Java library to serialize objects to XML and back again. | 9.1 |
| 2021-03-23 | CVE-2021-21350 | Unrestricted Upload of File with Dangerous Type vulnerability in multiple products XStream is a Java library to serialize objects to XML and back again. | 9.8 |
| 2021-03-23 | CVE-2021-21349 | Deserialization of Untrusted Data vulnerability in multiple products XStream is a Java library to serialize objects to XML and back again. | 8.6 |
| 2021-03-23 | CVE-2021-21348 | Resource Exhaustion vulnerability in multiple products XStream is a Java library to serialize objects to XML and back again. | 7.5 |
| 2021-03-23 | CVE-2021-21347 | Unrestricted Upload of File with Dangerous Type vulnerability in multiple products XStream is a Java library to serialize objects to XML and back again. | 9.8 |
| 2021-03-23 | CVE-2021-21346 | Unrestricted Upload of File with Dangerous Type vulnerability in multiple products XStream is a Java library to serialize objects to XML and back again. | 9.8 |
| 2021-03-23 | CVE-2021-21345 | OS Command Injection vulnerability in multiple products XStream is a Java library to serialize objects to XML and back again. | 9.9 |
| 2021-03-23 | CVE-2021-21344 | Unrestricted Upload of File with Dangerous Type vulnerability in multiple products XStream is a Java library to serialize objects to XML and back again. | 9.8 |